Known Vulnerabilities for DCMTK by OFFIS
Listed below are 10 of the newest known vulnerabilities associated with "DCMTK" by "OFFIS".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-50003 json | A malicious or compromised server can make a DCMTK client using bit-preserving C-GET storage mode write files outside the cho... | Not Provided | 2026-06-30 | 2026-07-01 |
| CVE-2026-12805 json | A flaw has been found in OFFIS DCMTK up to 3.7.0. The affected element is the function XMLNode::parseFile in the library ofst... | Not Provided | 2026-06-21 | 2026-06-23 |
| CVE-2026-10528 json | A security flaw has been discovered in Orthanc DICOM Server up to 1.12.11. This issue affects the function DcmItem::read of t... | Not Provided | 2026-06-02 | 2026-06-02 |
| CVE-2026-10194 json | A weakness has been identified in OFFIS DCMTK 3.7.0. This affects the function DcmQueryRetrieveIndexDatabaseHandle::deleteOld... | Not Provided | 2026-05-31 | 2026-05-31 |
| CVE-2026-5663 json | A security flaw has been discovered in OFFIS DCMTK up to 3.7.0. This impacts the function executeOnReception/executeOnEndOfSt... | Not Provided | 2026-04-06 | 2026-04-07 |
| CVE-2022-43272 json | DCMTK v3.6.7 was discovered to contain a memory leak via the T_ASC_Association object. | 7.5 - HIGH | 2022-12-02 | 2023-11-07 |
| CVE-2022-4981 json | Not Provided | 2025-10-21 | 2026-04-29 | |
| CVE-2022-2121 json | OFFIS DCMTK's (All versions prior to 3.6.7) has a NULL pointer dereference vulnerability while processing DICOM files, which ... | 6.5 - MEDIUM | 2022-06-24 | 2022-07-05 |
| CVE-2022-2120 json | OFFIS DCMTK's (All versions prior to 3.6.7) service class user (SCU) is vulnerable to relative path traversal, allowing an at... | 9.8 - CRITICAL | 2022-06-24 | 2022-07-05 |
| CVE-2022-2119 json | OFFIS DCMTK's (All versions prior to 3.6.7) service class provider (SCP) is vulnerable to path traversal, allowing an attacke... | 9.8 - CRITICAL | 2022-06-24 | 2022-07-05 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Offis | Dcmtk | 3.6.4 | |||
| Application | Offis | Dcmtk | 3.6.3 | |||
| Application | Offis | Dcmtk | 3.6.2 | |||
| Application | Offis | Dcmtk | 3.6.0 | |||
| Application | Offis | Dcmtk | 3.5.4 | |||
| Application | Offis | Dcmtk | 3.5.3 | |||
| Application | Offis | Dcmtk | 3.5.2 | |||
| Application | Offis | Dcmtk | 3.5.1 | |||
| Application | Offis | Dcmtk | 3.5.0 | |||
| Application | Offis | Dcmtk | 3.4.2 | |||
| Application | Offis | Dcmtk | 3.4.1 | |||
| Application | Offis | Dcmtk | 3.4.0 | |||
| Application | Offis | Dcmtk | 3.3.1 | |||
| Application | Offis | Dcmtk | 3.3.0 | |||
| Application | Offis | Dcmtk | 3.2.1 | |||
| Application | Offis | Dcmtk | 3.2.0 | |||
| Application | Offis | Dcmtk | 3.1.2 | |||
| Application | Offis | Dcmtk | 3.1.1 | |||
| Application | Offis | Dcmtk | 3.1.0 |